Security Operations Analyst L1 to join our high-performing Security Operations team. As part of the team, you will be responsible for monitoring security systems, performing initial investigation based on alerts from security monitoring systems, and handling security-related incidents.
- To detect Incidents by monitoring the SIEM console, Rules, Reports, and Dashboards.
- To Monitor the SIEM console resources to identify any anomalies.
- To report the incident to the concerned team along with the SOC.
- To escalate the incident whenever SLAs are not met.
- To monitor the health of the SIEM tool.
- To assist the SOC team in incident detection and resolution.
- To communicate with external teams to ensure proper incident resolution.
Specifically, you will:
· Create daily, weekly, and monthly reports for the Security Management Team.
· Monitor security systems, perform first-responder tasks and activities, and escalate to L2 as necessary.
· Respond to and perform initial investigation of alerts from security monitoring systems.
· Create initial reports based on investigation findings.
· Act as a key resource and the initial triage and resolution point for both security and operational incidents, tracking resolution, escalation, and the post-mortem process.
· Take care of Incident Management, Event Management, and Configuration Tracking & Auditing.
· Perform front-line response and escalation tasks; you will be the initial point of contact for all after-hours IT support items, excluding helpdesk-related items.
· 1.5 years of experience in L1 security monitoring.
· Intermediate to advanced knowledge of Windows Server and Linux operating systems.
· Ability to act upon identified vulnerabilities.
· Experience with operational and security monitoring, from both an administration and a response perspective.
Skills for Success
· SIEM, UTM, and other security tools
· Security monitoring experience
· CCNA, CEH
· Ability to perform troubleshooting effectively
· Compile daily shift activities into daily shift reports
· Compile monthly, quarterly, and annual SOC statistics
· Maintain awareness of trends in the security regulatory, technology, and operational requirements.
· Windows Server and Linux administration (Intermediate)
· SIEM and UTM basic administration
· Bachelor's Degree or equivalent experience
· SIEM OEM Certification (Optional)
· 24x7 coverage (rotational)